An Internet security firm has revealed that a Philippine bank has been attacked by the same hacker group which took $81 million from the Bangladesh central bank and attempted to steal over $1 million from the Tien Phong Bank in Vietnam.
In a report released on Friday, May 27, tech firm Symantec said a bank in Philippines, which it did not identify, was also targeted by attackers, whose malware code was used by the Lazarus group which hacked the Bangladesh and Vietnamese banks.
Symantec said the attacks can be traced back as far as October 2015, two months prior to the discovery of the failed attack in Vietnam, which was the earliest known incident.
The attack against the Bangladesh central bank triggered an alert by payments network SWIFT, after it was found the attackers had used malware to cover up evidence of fraudulent transfers, according to Symantec.
SWIFT issued a further warning, saying that it had found evidence of malware being used against another bank in a similar fashion. Vietnam’s Tien Phong Bank subsequently stated that it intercepted a fraudulent transfer of over $1 million in the fourth quarter of last year.
SWIFT concluded that the second attack indicates that a ?wider and highly adaptive campaign? is underway targeting banks, Symantec noted
A third bank, Banco del Austro in Ecuador, was also reported to have lost $12 million to attackers using fraudulent SWIFT transactions. However, no details are currently known about the tools used in this incident or if there are any links to the attacks in Asia.
Symantec said the discovery of more attacks provides further evidence that the group involved is conducting a wide campaign against financial targets in the region.
“While awareness of the threat posed by the group has now been raised, its initial success may prompt other attack groups to launch similar attacks. Banks and other financial institutions should remain vigilant,” it warned.